Skip to main content
Skip table of contents

Employee Self Service MFA

What is happening and why?

Employee Self Service Multi-Factor Authentication (MFA or 2FA) is being rolled out for all online customers to ensure adherence to the Australian Taxation Office (ATO) guidelines for accessing data. See Upcoming MFA changes for ESS for more information.

All employees will be required to add another factor of authentication to complement the password they use to login to Employee Self Service.

What do you need to do?

The PayGlobal Online team will enable MFA for you. But there are some key steps you can do to make sure this runs smoothly.

  • Notify employee of this change to logging into Employee Self Service and also that they will receive an email once it has been enabled (see sample emails below).

  • Let your IT team know this is happening and ask them to whitelist @mail.myobpayglobal.com to ensure employees receive the various communications and emails.

See here for template emails you can use to notify employees, along with samples of emails employees will receive during this process.

How-to guides

The help guides below can be used by the various groups. E.g. Employees, Managers, Payroll team, for instructions with due processes. The development team has enabled Managers with access to reset MFA to expedite the process and reduce interruptions to the Payroll team. However, the Payroll or HR teams can also perform this task from PayGlobal.

For Employees: Employee Manual

This guide shows the steps for employees to login including registering an MFA device from point 4.
Note, they can select to use an Authentication App or be emailed a code.

For Managers: Manager Manual

This link to product help outlines the steps to:

  • view enrolled employees.

  • manually send reminder emails.

  • reset employee MFA registration. Note: the employee will be prompted to setup MFA again at next login.

For Payroll Team: PayGlobal Help

This guide outlines the fields available in PayGlobal and shows how to reset an existing MFA registration so that the employee is prompted to setup MFA again at next login.

FAQ / common problems

Question: Can we use SSO instead of MFA?
Answer: Yes you can, the following document explains what is required - SSO manual. Please contact PayGlobal Support to update ESS with SSO configuration or to engage a consultant to assist.

Question: Can SSO and MFA be used at the same time?
Answer: No, you cannot use SSO and MFA together. MFA will not be enabled for customers that are currently using SSO to sign into ESS.

Question: Employee has not received an email reminder, nor a code when option is selected.
Answer: Check the employee record has a Work Email address populated and that it is correct. Also ask the employee to check the Junk folder for the emails.

Question: What happens to our test sites?
Answer: MFA is enabled for Test sites also. After Test has been refreshed with a copy of the Live data, the same MFA registration will apply and the same code can be used to authenticate as Live.

Question: What happens to NZ & Fijian databases? What happens if I have AU and NZ databases?
Answer: Only AU databases are being enabled. Let us know if you have other databases you would like to enable MFA for along with the start date.

Question: What happens if the person forgets their authentication device?
Answer: There is no override. Employees must use MFA to login once they have registered.

Question: What reminders do employees receive to set up the system?
Answer: A scheduled task runs every day but will only send emails if the following criteria are met:

  • The MFA Start Date has passed.

  • There is only 7 days to the deadline for the completion of MFA setup.

  • The employee:

    • Is Self-Service enabled.

    • Has a work email address in PayGlobal.

    • Has not yet completed MFA setup.

    • Has not already received a reminder email.


JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close